package com.jyhz.model.filter;//package com.jyhz.model.filter;
//
//
//import org.springframework.beans.factory.annotation.Autowired;
//import org.springframework.data.redis.core.RedisTemplate;
//import org.springframework.security.crypto.password.PasswordEncoder;
//import org.springframework.stereotype.Component;
//import org.springframework.web.filter.OncePerRequestFilter;
//
//import javax.servlet.FilterChain;
//import javax.servlet.ServletException;
//import javax.servlet.http.HttpServletRequest;
//import javax.servlet.http.HttpServletResponse;
//import javax.servlet.http.HttpSession;
//import java.io.IOException;
//
///**
// * @author: 谢君臣
// * @create: 2020-08-27 9:56
// * @founction: 验证码过滤器
// */
//@Component
//public class VerifyCodeFilter extends OncePerRequestFilter {
//    @Autowired
//    RedisTemplate redisTemplate;
//    @Autowired
//    private PasswordEncoder passwordEncoder;
//
//    private AuthenticationFailureHandler authenticationFailureHandler;
//
//    public static final String SESSION_KEY = "SESSION_KEY_IMAGE_CODE";
//
//    @Override
//    protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
//        if(httpServletRequest.getRequestURI().equals("/login-psw"))   // 用验证码登录时进行验证码校验
//        {
//            try {
//                // 1. 进行验证码的校验
//                String verifyCode = httpServletRequest.getParameter("verifyCode");
//                HttpSession session = httpServletRequest.getSession();
//                String randomString = (String) session.getAttribute(SESSION_KEY);
//                String code = (String) redisTemplate.opsForValue().get(randomString);
//                redisTemplate.delete(randomString);
//                if (!verifyCode.toLowerCase().equals(code.toLowerCase()))  // 忽略大小写
//                    throw new ValidateCodeException("验证码错误");
//            } catch (ValidateCodeException e) {
//                // 2. 如果校验不通过，调用SpringSecurity的校验失败处理器
//                authenticationFailureHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse,e);
//            }
//        }
//        // 3. 校验通过，就放行
//        filterChain.doFilter(httpServletRequest, httpServletResponse);
//    }
//}
